The bug is similar to some of the other recently disclosed vulnerabilities in that it exists in Android’s mediaserver component.

Multiple vulnerabilities with a wide range of effects have been plaguing the Android ecosystem within the past month, and now researchers with Trend Micro have identified a new bug that can be exploited by an attacker to practically take over a device.

Google has addressed the bug, CVE-2015-3842, which can be exploited via a malicious app that does not require any special permissions, Wish Wu, mobile threat response engineer with Trend Micro, wrote in a Monday post.

Christopher Budd, global threat communications manager with Trend Micro, told SCMagazine.com in a Tuesday email correspondence that a “successful attack could result in code execution with full privileges on the device. That means they can do everything the owner of the device can.”

The vulnerability affects Android versions 2.3 to 5.1.1, Wu wrote. He explained that attacks can be fully controlled, meaning that the malicious app – which could appear legitimate on the device, making it tough for users to identify and delete – can decide when to start or stop an attack.

The bug is similar to some of the other recently disclosed vulnerabilities in that it exists in Android's mediaserver component, Wu wrote. For this issue, more specifically, it exists in the AudioEffect component of the mediaserver program.

“It seems that the mediaserver component hasn't gone through a rigorous security review process,” Budd said. “As a result, coding flaws resulting in exploitable vulnerabilities are being discovered. It's similar to what Microsoft went through in the early 2000s.”

Techscape is SC Media’s content marketing platform. Industry experts share their views in the following categories

Partner Content is sponsored content brought to you by a vendor

SC Media arms cybersecurity professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.